feat: sql script changes for operation audit (#6342)

* permissions audit

* adpater and repo changes

* save audit

* audits for user and role group

* permissions audit

* permissions schema for

* generic operation audit repo adn service

* renaming

* operations audit service

* schema added

* opeartions audit

* audit generic changes

* audit struct change

* permissions chanages

* sql script

* sql script

* sql fetch

* role grouplisting fix

* role group validation

* removed opeartion audit pkg from oss

* column change

Author: Shivam-nagar23

api/bean/UserRequest.go

@@ -19,6 +19,7 @@ package bean
 import (
 	"encoding/json"
 	"github.com/devtron-labs/devtron/pkg/auth/user/bean"
+	"github.com/devtron-labs/devtron/pkg/sql"
 	"time"
 )
 
@@ -168,3 +169,40 @@ type BulkDeleteRequest struct {
 type UserRoleGroup struct {
 	RoleGroup *RoleGroup `json:"roleGroup"`
 }
+
+type GroupPermissionsAuditDto struct {
+	RoleGroupInfo *RoleGroup   `json:"roleGroupInfo,omitempty"`
+	EntityAudit   sql.AuditLog `json:"entityAudit,omitempty"`
+}
+
+func NewGroupPermissionsAuditDto() *GroupPermissionsAuditDto {
+	return &GroupPermissionsAuditDto{}
+}
+
+func (pa *GroupPermissionsAuditDto) WithRoleGroupInfo(roleGroupInfo *RoleGroup) *GroupPermissionsAuditDto {
+	pa.RoleGroupInfo = roleGroupInfo
+	return pa
+}
+func (pa *GroupPermissionsAuditDto) WithEntityAudit(entityAudit sql.AuditLog) *GroupPermissionsAuditDto {
+	pa.EntityAudit = entityAudit
+	return pa
+}
+
+type UserPermissionsAuditDto struct {
+	UserInfo    *UserInfo    `json:"userInfo,omitempty"`
+	EntityAudit sql.AuditLog `json:"entityAudit,omitempty"`
+}
+
+func NewUserPermissionsAuditDto() *UserPermissionsAuditDto {
+	return &UserPermissionsAuditDto{}
+}
+
+func (pa *UserPermissionsAuditDto) WithUserInfo(userInfo *UserInfo) *UserPermissionsAuditDto {
+	pa.UserInfo = userInfo
+	return pa
+}
+
+func (pa *UserPermissionsAuditDto) WithEntityAudit(entityAudit sql.AuditLog) *UserPermissionsAuditDto {
+	pa.EntityAudit = entityAudit
+	return pa
+}

internal/util/adapter.go

@@ -0,0 +1,10 @@
+package util
+
+func GetApiErrorAdapter(httpStatusCode int, code, userMessage, internalMessage string) *ApiError {
+	return &ApiError{
+		HttpStatusCode:  httpStatusCode,
+		Code:            code,
+		UserMessage:     userMessage,
+		InternalMessage: internalMessage,
+	}
+}

pkg/auth/user/RoleGroupService.go

@@ -89,11 +89,15 @@ func (impl RoleGroupServiceImpl) CreateRoleGroup(request *bean.RoleGroup) (*bean
 	defer tx.Rollback()
 
 	if request.Id > 0 {
-		_, err := impl.roleGroupRepository.GetRoleGroupById(request.Id)
+		roleGroup, err := impl.roleGroupRepository.GetRoleGroupById(request.Id)
 		if err != nil {
 			impl.logger.Errorw("error while fetching user from db", "error", err)
 			return nil, err
 		}
+		if roleGroup != nil && len(roleGroup.Name) > 0 {
+			return nil, util.GetApiErrorAdapter(400, "400", "role group already exist with the given id", "role group already exist with the given id")
+		}
+		return nil, util.GetApiErrorAdapter(400, "400", "id not supported in create request", "id not supported in create request")
 	} else {
 		//loading policy for safety
 		casbin2.LoadPolicy()

scripts/sql/31902800_operation_audit.down.sql

@@ -0,0 +1,5 @@
+-- Drop Table: operation_audit
+DROP TABLE IF EXISTS "public"."operation_audit";
+
+-- Drop Sequence: id_seq_operation_audit
+DROP SEQUENCE IF EXISTS id_seq_operation_audit;

scripts/sql/31902800_operation_audit.up.sql

@@ -0,0 +1,21 @@
+BEGIN;
+
+-- Create Sequence for operation_audit
+CREATE SEQUENCE IF NOT EXISTS id_seq_operation_audit;
+
+-- Table Definition: operation_audit
+CREATE TABLE IF NOT EXISTS "public"."operation_audit" (
+    "id"                    int         NOT NULL DEFAULT nextval('id_seq_operation_audit'::regclass),
+    "entity_id"             int         NOT NULL,
+    "entity_type"           VARCHAR(50) NOT NULL ,
+    "operation_type"        VARCHAR(20) NOT NULL,
+    "entity_value_json"     jsonb       NOT NULL,
+    "entity_value_schema_type"            VARCHAR(20) NOT NULL,
+    "created_on"            timestamptz NOT NULL,
+    "created_by"            int4        NOT NULL,
+    "updated_on"            timestamptz NOT NULL,
+    "updated_by"            int4        NOT NULL,
+    PRIMARY KEY ("id")
+    );
+
+COMMIT;